The European Parliament adopted by 438 votes to 133, with 17 abstentions, a resolution on the recommendation of the European Parliament to the Council and the Commission on the conclusion of an agreement, under negotiation, between the European Union and New Zealand on the exchange of personal data between the European Union Agency for Law Enforcement Cooperation (Europol) and the New Zealand authorities competent for fighting serious crime and terrorism.
Parliament encouraged the Commission to start negotiations with New Zealand at an early date on the exchange of personal data between Europol and the New Zealand authorities competent for fighting serious crime and terrorism in accordance with the negotiating directives adopted by the Council. It insisted that the level of data protection provided for in the Agreement should be essentially equivalent to the level of protection provided for under EU law.
Parliament made the following recommendations to the Commission:
- the transfer of sensitive personal data should only be permitted in exceptional cases where such transfers are strictly necessary and proportionate for preventing and combating criminal offences covered by the agreement;
- clear safeguards should be defined for the data subject, persons linked to the data subject and persons linked to the criminal offence such as witnesses and victims should be defined to guarantee respect for fundamental rights;
- the future agreement should explicitly lay down a list of criminal offences in relation to which personal data can be exchanged;
- the agreement should contain a clear and precise provision setting out the retention period for personal data that have been transferred to New Zealand and requiring the data to be erased at the end of that period;
- the independent supervisory authority vested with effective powers of investigation and intervention is to be in charge of supervising the implementation of the international agreement should be clearly defined before the conclusion of the agreement;
- the international agreement should include a provision allowing the EU to suspend or revoke the agreement in the event of a breach;
- a mechanism for monitoring and periodically evaluating the agreement should be established in order to evaluate the partners’ compliance with the agreement and the functioning of the agreement in relation to the operational needs of Europol, and with the EU data protection law;
- the onward transfers of Europol information from competent New Zealand authorities to other authorities in New Zealand, including for use in judicial proceedings, should only be allowed for the original purposes of the transfer by Europol and should be made subject to prior authorisation by Europol.
Members stressed that Parliament will give its consent to the conclusion of the agreement only if such an agreement does not pose risks to the rights to privacy and data protection, nor to other fundamental rights and freedoms protected by the Charter of Fundamental Rights of the European Union.